Gitiles
Code Review Sign In
gerrit.nordix.org / onap / oom / d804418c890dde93bff26125b8cf1a9fd7fc82d1^! / . / kubernetes / common / certInitializer
commitd804418c890dde93bff26125b8cf1a9fd7fc82d1[log] [tgz]
authorvladimir turok <vladimir.turok@t-systems.com>Thu Jul 27 16:28:36 2023 +0200
committerAndreas Geissler <andreas-geissler@telekom.de>Mon Aug 07 18:34:04 2023 +0200
tree5c8d93188819e6a913f8e0566d061607b5be9095
parent7a34dfca27abc3a13f89ed8d6b87e4aa7be9613f [diff]
[OOM] Fixing k8s ServiceAccounts

Adding service account for the jobs
Cleanup MSB, ES and other common charts from AAF dependencies

Issue-ID: OOM-3199
Issue-ID: OOM-3114
Issue-ID: OOM-3116

Change-Id: I55bf80876c9fb3b110e538ed1a5504e0dc1d4e1a
Signed-off-by: vladimir turok <vladimir.turok@t-systems.com>

diff --git a/kubernetes/common/certInitializer/Chart.yaml b/kubernetes/common/certInitializer/Chart.yaml
index e1bb478..d70b1de 100644
--- a/kubernetes/common/certInitializer/Chart.yaml
+++ b/kubernetes/common/certInitializer/Chart.yaml

@@ -29,3 +29,6 @@
   - name: repositoryGenerator
     version: ~13.x-0
     repository: 'file://../repositoryGenerator'
+  - name: serviceAccount
+    version: ~13.x-0
+    repository: '@local'

diff --git a/kubernetes/common/certInitializer/templates/job.yaml b/kubernetes/common/certInitializer/templates/job.yaml
index 84a3e87..3120455 100644
--- a/kubernetes/common/certInitializer/templates/job.yaml
+++ b/kubernetes/common/certInitializer/templates/job.yaml

@@ -36,6 +36,7 @@
         volumeMounts: {{ include "common.certInitializer.volumeMount" (dict "dot" . "initRoot" .Values) | nindent 8 }}
         - name: ingress-scripts
           mountPath: /ingress
+      serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
       volumes: {{ include "common.certInitializer.volumes" (dict "dot" . "initRoot" .Values) | nindent 6 }}
       - name: localtime
         hostPath:

diff --git a/kubernetes/common/certInitializer/values.yaml b/kubernetes/common/certInitializer/values.yaml
index 747c94f..0fde2cf 100644
--- a/kubernetes/common/certInitializer/values.yaml
+++ b/kubernetes/common/certInitializer/values.yaml

@@ -70,3 +70,9 @@
 # We had to move this CM to a separate chart to reduce the total size of our charts
 # as it exceeds the default helm limits.
 certsCMName: '{{ include "common.release" . }}-cert-wrapper-certs'
+
+#Pods Service Account
+serviceAccount:
+  nameOverride: certinitializer
+  roles:
+    - read
\ No newline at end of file